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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1 308. 

1 . ^ This communication is responsive to 1/21/2010 . 

2. ^ The allowed claim(s) is/are 1-4, 6-16 and 21-24 now renumbered as 1-19 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a) Dan b)nSome* c) □ None of the: 

1. n Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. O Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 

1 . □ Notice of References Cited (PTO-892) 

2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 

3. 13 Information Disclosure Statements (PTO/SB/08), 

Paper No./Mail Date 1/21/2010 
4. □ Examiner's Comment Regarding Requirement for Deposit 

of Biological Material 



/Kenny S Lin/ 

Primary Examiner, Art Unit 2452 



5. n Notice of Informal Patent Application 

6. □ Interview Summary (PTO-413), 

Paper No./Mail Date . 

7. 3 Examiner's Amendment/Comment 

8. □ Examiner's Statement of Reasons for Allowance 

9. □ Other . 
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DETAILED ACTION 



1. 



Claims 1-4, 6-16 and 21-24 are presented for examination. 



2. 



The IDS submitted on 1/21/2010 is considered. 



EXAMINER'S AMENDMENT 



3. An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Daniel ditto, Reg. No. 58,996, on April 23, 2010. 

4. The apphcation has been amended as follows: 

1 . (Currently amended) A network interface unit for communicating data 

packets over one or more non-secure networks between one or more client devices associated 

with one or more local area networks (LAN) and a secure virtual private network (VPN) node, 

comprising: 

means for authenticating the one or more client devices for access to the secure VPN 

node, 

a graphical user interface server for presenting an authentication menu to the one or more 
client devices, wherein, when a first one of the client devices is incompatible with the 
authentication menu, the authentication means is to authenticate the first client device in 
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response to an authentication of a second one of the client devices via the authentication menu, 
the second client device being compatible with the authentication menu; 

means for receiving a menu selection from the second client device [[menu]], the 
selection corresponding to a connection profile associated with a first type of connection; 

means for accessing the one or more non-secure networks using information associated 
with the selection; and 

a security server for estabhshing a secure communication over the non-secure network 
between the LAN and the secure VPN node. 

2. (Previously Presented) The network interface unit of claim 1, further comprising a 
configuration server having a memory for storing configuration information for at the chent 
devices, and means for retrieving the configuration information from the memory in response to 
an authentication of one of the client devices. 

3. (Previously Presented) The network interface unit of claim 2, wherein the configuration 
information comprises information received in association with_each of the chent devices upon 
an initial authentication of respective ones of the client devices. 

4. (Previously Presented) The network interface unit of claim 1, wherein the second client 
device is designated for authentication on behalf of the first client device and other incompatible 
client devices associated with the LAN. 

5. (Cancelled). 

6. (Previously Presented) The network interface unit of claim 2, wherein the configuration 
information corresponding to the client devices comprises information related to connections to 
the one or more non-secure networks. 



7. 



(Previously Presented) The network interface unit of claim 6, wherein the information 
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related to the connections to the one or more_non-secure networks comprises information relating 
to a dial-up connection. 

8. (Previously Presented) The network interface unit of claim 7, wherein the information 
related to the dial-up connection comprises information relating to a customized dial-up 
connection, the information relating to the customized dial-up connection comprising a 
customized string of characters to control a modem connection to the one or more non-secure 
network networks. 

9. (Previously Presented) The network interface unit of claim 6, wherein the information 
related to the connections to the one or more non-secure networks comprises information relating 
to a connection having a fixed IP address. 

10. (Previously Presented) The network interface unit of claim 6, wherein the information 
related to the connections to the one or more non-secure networks comprises information relating 
to one a connection having a temporary IP address. 

1 1 . (Previously Presented) The network interface unit of claim 10, further comprising a 
Dynamic Host Configuration Protocol (DHCP) server for providing the temporary IP address. 

12. (Previously Presented) The network interface unit of claim 6, further comprising a 
Dynamic Host Configuration Protocol (DHCP) client for obtaining a temporary IP address from 
the at least one non-secure network and providing the temporary IP address for use in a 
connection. 

13. (Previously Presented) The network interface unit of claim 6, wherein the information 
related to the connections to the one or more non-secure networks comprises information relating 
to a point-to-point over Ethernet (PPPoE) connection. 
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14. (Previously Presented) The network interface unit of claim 2, wherein the memory 
comprises a removable memory module. 

15. (Previously Presented) The network interface unit of claim 14, wherein the removable 
memory module stores web pages for presentation by the graphical user interface server. 

16. (Previously Presented) The network interface unit of claim 1, wherein the means for 
authenticating the client devices comprises means for comparing a client identifier and password 
information received from the chent devices with information stored at the network interface 
unit. 

17-20. (Cancelled). 

21 . (Previously Presented) A method for communicating data packets over a non-secure 
network between chent devices a secure virtual private network (VPN) node, comprising: 

receiving a request from a first client device associated with a first local area network 
(LAN) to access the secure VPN node; 

presenting an authentication menu via a graphical user interface on the first client 

device; 

in response to receiving valid authentication information from the first client device, 
authenticating the first client device for access to the secure VPN node; 

when a second client device associated with the first LAN is incompatible with the 
authentication menu, authenticating the second chent device associated with the first LAN in 
response to the authentication of the first client device associated with the first LAN, the first 
client device being compatible with the authentication menu; 

receiving a menu selection from the first client device corresponding to a connection 
profile associated with a first type of connection; 

accessing the non-secure network using information associated with the selection; and 
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establishing a secure communication over the non-secure network between the first LAN 
and the secure VPN node. 

22. (Currently Amended) [[A]] The method as defined in claim 21, wherein the first client 
device is designated for authentication on behalf of an incompatible chent device, the first client 
device and the incompatible client device being associated with the same LAN. 

23 . (Currently Amended) A tangible machine readable medium non-transitory memory 
storing instructions that, when executed, cause a machine to: 

receive a request from a first client device associated with a first local area network 
(LAN) to access a secure VPN node; 

present an authentication menu via a graphical user interface to the first client device; 

in response to receiving valid authentication information from the first client device, 
authenticate the first client device for access to the secure VPN node; 

when a second client device associated with the first LAN is incompatible with the menu, 
authenticate the second client device of the first LAN in response to the authentication of the first 
client device of the first LAN; 

receive a menu selection from the first client device corresponding to a connection profile 
associated with a first type of connection; 

access a non-secure network using information associated with the selection; and 

establish a secure connection over the non-secure network between the first LAN and the 
secure VPN. 

24. (Currently Amended) A tangible machine readable medium The non-transitory memory 
as defined in claim 23, wherein the first client device is designated for authentication on behalf 
of an incompatible client device associated with the first LAN. 



Allowable Subject Matter 
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5. Claims 1-4, 6-16 and 21-24 are allowed. 

Conclusion 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kenny Lin whose telephone number is (571) 272-3968. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Thu Nguyen can be reached on (571) 272-6967. The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an apphcation may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



/Kenny S Lin/ 

Primary Examiner, Art Unit 2452 
April 27, 2010 



